package com.vastcom.safe.conf;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class BrowerSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.formLogin()
//                .and()
//                .authorizeRequests()
//                .anyRequest()
//                .authenticated();
        //原始表单登陆版
//        http.formLogin()
//                .loginPage("/login")
//                .loginProcessingUrl("/user/login")
//                .and()
//                .authorizeRequests() //定义那些URL需要被保护，那些不需要保护
//
// .antMatchers("/login").permitAll()  //设置所有人都可以访问页面
//
//                .anyRequest()//任何请求，登录后都可以访问
//                .authenticated()
//                .and()
//                .csrf().disable(); //关闭CSRF防护
        //自定义登录页简单版
              http.formLogin()
                      .loginPage("/login")
                      // .loginProcessingUrl("/login")
                      .and()
                      .authorizeRequests()
                      .antMatchers("/authentication/require").permitAll()
                      .antMatchers("/login").permitAll()
                      .anyRequest()
                      .authenticated()
                      .and()
                      .csrf().disable();
              //自定义跳转连接板





    }
}
